Daniel Phillips wrote:
> It is designed to be crash-safe:
>
> - Each snapshot exception is logged to disk by overwriting the last sector
>   of a grow-only list of snapshot exceptions.
>
> - Write completion is not handed back up the chain until:
>
>   - the data to be overwritten has been copied to a new exception
>   - the new exception has been logged to the snapshot store as above
>
> As far as I can see, the concept is leak-proof, except for being sensitive to
> random garbage in the last few sector writes. I suspect that doesn't happen
> on modern disk drives. If it does, I hope somebody will shout.
>
> I am not sure what you mean about barriers, perhaps you were thinking of
> synchronous waiting. This snapshot driver does wait for completions, but it
> pipelines the waits so throughput is not affected much (snapshot overhead is
> dominated by copyouts).
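
The write ordering described in the quoted message, as an added sketch that is not part of the original message or of the snapshot driver: a toy in-memory model that injects a crash after each step and checks that the snapshot still reads its original data. The names (`cow_write`, `snapshot_read`, `survives_crash`), the two-entries-per-sector log and the four-chunk disk are assumptions made for the illustration.

```python
# Constructed toy model; names, sizes and layout are assumptions, not driver code.
from types import SimpleNamespace
SECTOR_ENTRIES = 2   # assumed number of exceptions per log sector
CHUNKS = 4

class Crash(Exception):
    """Simulated power loss at a numbered point in the write path."""

def new_disk():
    """State that survives a crash: origin, snapshot store, grow-only log sectors."""
    return SimpleNamespace(origin=[f"old{i}" for i in range(CHUNKS)], store={}, log=[[]])

def entries(disk):
    return {chunk: slot for sector in disk.log for chunk, slot in sector}

def cow_write(disk, chunk, data, crash_at=None):
    """Write to the origin; returns only when completion may go up the chain."""
    def point(n):
        if crash_at == n:
            raise Crash(n)
    if chunk not in entries(disk):
        slot = len(entries(disk))              # an unlogged slot is simply reused
        disk.store[slot] = disk.origin[chunk]  # 1. copy out the data to be overwritten
        point(0)
        if len(disk.log[-1]) == SECTOR_ENTRIES:
            disk.log.append([])                # the list grows by one sector
        disk.log[-1] = disk.log[-1] + [(chunk, slot)]  # 2. overwrite the last sector
        point(1)
    disk.origin[chunk] = data                  # 3. only now touch the origin
    point(2)
    return True                                # 4. completion handed back

def snapshot_read(disk, chunk):
    """A logged exception wins; otherwise the origin is still unmodified."""
    slot = entries(disk).get(chunk)
    return disk.origin[chunk] if slot is None else disk.store[slot]

def survives_crash(victim, crash_at):
    """Crash one write at the given point, retry it, check the snapshot both times."""
    disk = new_disk()
    intact = lambda: all(snapshot_read(disk, c) == f"old{c}" for c in range(CHUNKS))
    for chunk in range(CHUNKS):
        try:
            cow_write(disk, chunk, f"new{chunk}", crash_at if chunk == victim else None)
        except Crash:
            if not intact():
                return False
            cow_write(disk, chunk, f"new{chunk}")  # retried after restart
    return intact()
```

The model treats each sector write as atomic, so it does not cover the "random garbage in the last few sector writes" case the message sets aside.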